Published Sep 23, 2014 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: W32/Backdoor.FSZO-5117 (Command) Gen:Trojan.Heur.JP.juW@ayZZvMb (BitDefender) Trojan.Inject1.6386 (Dr.Web) Win32/Korplug.A trojan (ESET) Trojan.Win32.Korplug (Ikarus) Backdoor/Win32.Plugx (AhnLab) Backdoor.Win32.Agent.dhwf (Kaspersky) W32/Korplug.CH!tr (Fortinet)


Windows Defender  detects and removes this family of threats.

These threats connect to a remote server to receive instructions from a malicious hacker. This can include downloading files onto your PC.

They can be installed when you visit a malicious or hacked website.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other, hidden malware.

Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us